Machine Learning Based Detection and Evasion Techniques for Advanced Web Bots.

Web bots are programs that can be used to browse the web and perform different types of automated actions, both benign and malicious. Such web bots vary in sophistication based on their purpose, ranging from simple automated scripts to advanced web bots that have a browser fingerprint and exhibit a humanlike behaviour. Advanced web bots are especially appealing to malicious web bot creators, due to their browserlike fingerprint and humanlike behaviour which reduce their detectability. Several effective behaviour-based web bot detection techniques have been pro- posed in literature. However, the performance of these detection techniques when target- ing malicious web bots that try to evade detection has not been examined in depth. Such evasive web bot behaviour is achieved by different techniques, including simple heuris- tics and statistical distributions, or more advanced machine learning based techniques. Motivated by the above, in this thesis we research novel web bot detection techniques and how effective these are against evasive web bots that try to evade detection using, among others, recent advances in machine learning. To this end, we initially evaluate state-of-the-art web bot detection techniques against web bots of different sophistication levels and show that, while the existing approaches achieve very high performance in general, such approaches are not very effective when faced with only advanced web bots that try to remain undetected. Thus, we propose a novel web bot detection framework that can be used to detect effectively bots of varying levels of sophistication, including advanced web bots. This framework comprises and combines two detection modules: (i) a detection module that extracts several features from web logs and uses them as input to several well-known machine learning algo- rithms, and (ii) a detection module that uses mouse trajectories as input to Convolutional Neural Networks (CNNs). Moreover, we examine the case where advanced web bots utilise themselves the re- cent advances in machine learning to evade detection. Specifically, we propose two novel evasive advanced web bot types: (i) the web bots that use Reinforcement Learning (RL) to update their browsing behaviour based on whether they have been detected or not, and (ii) the web bots that have in their possession several data from human behaviours and use them as input to Generative Adversarial Networks (GANs) to generate images of humanlike mouse trajectories. We show that both approaches increase the evasiveness of the web bots by reducing the performance of the detection framework utilised in each case. We conclude that malicious web bots can exhibit high sophistication levels and com- bine different techniques that increase their evasiveness. Even though web bot detection frameworks can combine different methods to effectively detect such bots, web bots can update their behaviours using, among other, recent advances in machine learning to in- crease their evasiveness. Thus, the detection techniques should be continuously updated to keep up with new techniques introduced by malicious web bots to evade detection

Hybrid focused crawling on the Surface and the Dark Web

Focused crawlers enable the automatic discovery of Web resources about a given topic by automatically navigating through the Web link structure and selecting the hyperlinks to follow by estimating their relevance to the topic of interest. This work proposes a generic focused crawling framework for discovering resources on any given topic that reside on the Surface or the Dark Web. The proposed crawler is able to seamlessly navigate through the Surface Web and several darknets present in the Dark Web (i.e., Tor, I2P, and Freenet) during a single crawl by automatically adapting its crawling behavior and its classifier-guided hyperlink selection strategy based on the destination network type and the strength of the local evidence present in the vicinity of a hyperlink. It investigates 11 hyperlink selection methods, among which a novel strategy proposed based on the dynamic linear combination of a link-based and a parent Web page classifier. This hybrid focused crawler is demonstrated for the discovery of Web resources containing recipes for producing homemade explosives. The evaluation experiments indicate the effectiveness of the proposed focused crawler both for the Surface and the Dark Web

Cyber Security Certification Programmes

Although a large and fast-growing workforce for qualified cybersecurity professionals exists, developing a cybersecurity certification framework has to overcome many challenges. Towards this end, an extended review of the cybersecurity certifications offered currently on the market from 9 major issuing companies is conducted. Moreover, the guidelines for the definition of a cybersecurity certification framework as they are provided from the recent Cyber Security Act and framework of ENISA, NIST and ISO/IEC 17024 are covered. A vast comparison among the presented cybersecurity certifications is given, based not only on the cybersecurity domain covered but also the required level of candidate's experience. A proposed certification program has been also analyzed based on the learning pathways and the knowledge areas described in FORESIGHT

Synthesis, Bioactivity, Pharmacokinetic and Biomimetic Properties of Multi-Substituted Coumarin Derivatives

A series of novel multi-substituted coumarin derivatives were synthesized, spectroscopically characterized, and evaluated for their antioxidant activity, soybean lipoxygenase (LOX) inhibitory ability, their influence on cell viability in immortalized human keratinocytes (HaCaT), and cytotoxicity in adenocarcinomic human alveolar basal epithelial cells (A549) and human melanoma (A375) cells, in vitro. Coumarin analogues 4a–4f, bearing a hydroxyl group at position 5 of the coumarin scaffold and halogen substituents at the 3-phenyl ring, were the most promising ABTS•+ scavengers. 6,8-Dibromo-3-(4-hydroxyphenyl)-4-methyl-chromen-2-one (4k) and 6-bromo-3-(4,5-diacetyloxyphenyl)-4-methyl-chromen-2-one (3m) exhibited significant lipid peroxidation inhibitory activity (IC50 36.9 and 37.1 μM). In the DCF-DA assay, the 4′-fluoro-substituted compound 3f (100%), and the 6-bromo substituted compounds 3i (80.9%) and 4i (100%) presented the highest activity. The 3′-fluoro-substituted coumarins 3e and 4e, along with 3-(4-acetyloxyphenyl)-6,8-dibromo-4-methyl-chromen-2-one (3k), were the most potent lipoxygenase (LOX) inhibitors (IC50 11.4, 4.1, and 8.7 μM, respectively) while displaying remarkable hydroxyl radical scavenging ability, 85.2%, 100%, and 92.9%, respectively. In silico docking studies of compounds 4e and 3k, revealed that they present allosteric interactions with the enzyme. The majority of the analogues (100 μΜ) did not affect the cell viability of HaCaT cells, though several compounds presented over 60% cytotoxicity in A549 or A375 cells. Finally, the human oral absorption (%HOA) and plasma protein binding (%PPB) properties of the synthesized coumarins were also estimated using biomimetic chromatography, and all compounds presented high %HOA (>99%) and %PPB (60–97%) values